Bit Form Security Vulnerabilities and Issues — Bit Form CVE List

Lucene search

BitappsBit Form

6 matches found

CVE•added 2024/08/26 9:15 p.m.•44 views

CVE-2024-43251

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a through 2.6.4.

6.5CVSS6.9AI score0.00292EPSS

CVE•added 2024/08/19 6:15 p.m.•41 views

CVE-2024-43250

Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bit Form Pro: from n/a through 2.6.4.

7.1CVSS7AI score0.00099EPSS

CVE•added 2024/07/09 8:15 a.m.•39 views

CVE-2024-6123

The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'iconUpload' function in all versions up to, and including, 2.13.3. This makes it possible for authenticated attackers, with administrator-level and above permissions, to upload arbi...

7.2CVSS7.5AI score0.03478EPSS

CVE•added 2024/08/19 6:15 p.m.•37 views

CVE-2024-43249

Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form Pro: from n/a through 2.6.4.

9.9CVSS9.6AI score0.03078EPSS

CVE•added 2024/08/19 6:15 p.m.•36 views

CVE-2024-43248

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation.This issue affects Bit Form Pro: from n/a through 2.6.4.

9.1CVSS8.6AI score0.00213EPSS

CVE•added 2024/10/05 1:15 p.m.•34 views

CVE-2024-47319

Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form – Contact Form Plugin allows Code Injection.This issue affects Bit Form – Contact Form Plugin: from n/a through 2.13.10.

8CVSS8AI score0.00388EPSS